upstream commit

allow LogLevel in sshd_config Match blocks; ok dtucker
bz#2717

Upstream-ID: 662e303be63148f47db1aa78ab81c5c2e732baa8
djm@openbsd.org 2017-05-17 01:24:17 +00:00 committed by Damien Miller
parent 277abcda3f
commit 54cd41a466
6 changed files with 32 additions and 25 deletions

3
auth.c

@ -1,4 +1,4 @@
/* $OpenBSD: auth.c,v 1.119 2016/12/15 21:29:05 dtucker Exp $ */ /* $OpenBSD: auth.c,v 1.120 2017/05/17 01:24:17 djm Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
* *
@ -635,6 +635,7 @@ getpwnamallow(const char *user)
ci->user = user; ci->user = user;
parse_server_match_config(&options, ci); parse_server_match_config(&options, ci);
log_change_level(options.log_level);
#if defined(_AIX) && defined(HAVE_SETAUTHDB) #if defined(_AIX) && defined(HAVE_SETAUTHDB)
aix_setauthdb(user); aix_setauthdb(user);
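Review bot: The new `log_change_level(options.log_level);` call in getpwnamallow discards the int that this commit makes the function return, and the same applies to the call added in the monitor_wrap.c section after `copy_set_server_options`. log_init treats a non-zero result as fatal, so an unrecognised level reaching either of these sites would presumably be ignored silently and the previous level kept. Consider `if (log_change_level(options.log_level) != 0) error("invalid log level %d", (int)options.log_level);` at both sites, or a comment stating why failure cannot occur there. getpwnamallow's body continues outside the hunk.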

35
log.c

@ -1,4 +1,4 @@
/* $OpenBSD: log.c,v 1.49 2017/03/10 03:15:58 djm Exp $ */ /* $OpenBSD: log.c,v 1.50 2017/05/17 01:24:17 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -256,18 +256,7 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
argv0 = av0; argv0 = av0;
switch (level) { if (log_change_level(level) != 0) {
case SYSLOG_LEVEL_QUIET:
case SYSLOG_LEVEL_FATAL:
case SYSLOG_LEVEL_ERROR:
case SYSLOG_LEVEL_INFO:
case SYSLOG_LEVEL_VERBOSE:
case SYSLOG_LEVEL_DEBUG1:
case SYSLOG_LEVEL_DEBUG2:
case SYSLOG_LEVEL_DEBUG3:
log_level = level;
break;
default:
fprintf(stderr, "Unrecognized internal syslog level code %d\n", fprintf(stderr, "Unrecognized internal syslog level code %d\n",
(int) level); (int) level);
exit(1); exit(1);
@ -340,13 +329,27 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
#endif #endif
} }
void int
log_change_level(LogLevel new_log_level) log_change_level(LogLevel new_log_level)
{ {
/* no-op if log_init has not been called */ /* no-op if log_init has not been called */
if (argv0 == NULL) if (argv0 == NULL)
return; return 0;
log_init(argv0, new_log_level, log_facility, log_on_stderr);
switch (new_log_level) {
case SYSLOG_LEVEL_QUIET:
case SYSLOG_LEVEL_FATAL:
case SYSLOG_LEVEL_ERROR:
case SYSLOG_LEVEL_INFO:
case SYSLOG_LEVEL_VERBOSE:
case SYSLOG_LEVEL_DEBUG1:
case SYSLOG_LEVEL_DEBUG2:
case SYSLOG_LEVEL_DEBUG3:
log_level = new_log_level;
return 0;
default:
return -1;
}
} }
int int
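Review bot: log_change_level returns 0 from the `argv0 == NULL` guard before the level is examined, so log_init, which now delegates validation to it right after `argv0 = av0;`, would neither apply nor reject the level if it were ever called with a NULL av0. Whether any caller does that is not visible here. The new return contract is also undocumented; a comment above the function such as `/* Returns 0 if the level was applied or logging is not yet initialised, -1 if the level is unrecognised. */` would help, since the old version re-ran log_init and the new one only assigns `log_level`. log_init's body starts and ends outside these hunks.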

4
log.h

@ -1,4 +1,4 @@
/* $OpenBSD: log.h,v 1.21 2016/07/15 05:01:58 dtucker Exp $ */ /* $OpenBSD: log.h,v 1.22 2017/05/17 01:24:17 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -49,7 +49,7 @@ typedef enum {
typedef void (log_handler_fn)(LogLevel, const char *, void *); typedef void (log_handler_fn)(LogLevel, const char *, void *);
void log_init(char *, LogLevel, SyslogFacility, int); void log_init(char *, LogLevel, SyslogFacility, int);
void log_change_level(LogLevel); int log_change_level(LogLevel);
int log_is_on_stderr(void); int log_is_on_stderr(void);
void log_redirect_stderr_to(const char *); void log_redirect_stderr_to(const char *);


@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.c,v 1.89 2016/08/13 17:47:41 markus Exp $ */ /* $OpenBSD: monitor_wrap.c,v 1.90 2017/05/17 01:24:17 djm Exp $ */
/* /*
* Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org> * Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -295,6 +295,7 @@ out:
#undef M_CP_STRARRAYOPT #undef M_CP_STRARRAYOPT
copy_set_server_options(&options, newopts, 1); copy_set_server_options(&options, newopts, 1);
log_change_level(options.log_level);
free(newopts); free(newopts);
buffer_free(&m); buffer_free(&m);


@ -1,5 +1,5 @@
/* $OpenBSD: servconf.c,v 1.307 2017/04/27 13:40:05 jsg Exp $ */ /* $OpenBSD: servconf.c,v 1.308 2017/05/17 01:24:17 djm Exp $ */
/* /*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved * All rights reserved
@ -449,7 +449,7 @@ static struct {
{ "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL }, { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL },
{ "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
{ "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, { "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
{ "loglevel", sLogLevel, SSHCFG_GLOBAL }, { "loglevel", sLogLevel, SSHCFG_ALL },
{ "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
{ "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL }, { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL },
{ "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
@ -1345,7 +1345,7 @@ process_server_config_line(ServerOptions *options, char *line,
if (value == SYSLOG_LEVEL_NOT_SET) if (value == SYSLOG_LEVEL_NOT_SET)
fatal("%.200s line %d: unsupported log level '%s'", fatal("%.200s line %d: unsupported log level '%s'",
filename, linenum, arg ? arg : "<NONE>"); filename, linenum, arg ? arg : "<NONE>");
if (*log_level_ptr == -1) if (*activep && *log_level_ptr == -1)
*log_level_ptr = (LogLevel) value; *log_level_ptr = (LogLevel) value;
break; break;
@ -1989,6 +1989,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
M_CP_INTOPT(ip_qos_bulk); M_CP_INTOPT(ip_qos_bulk);
M_CP_INTOPT(rekey_limit); M_CP_INTOPT(rekey_limit);
M_CP_INTOPT(rekey_interval); M_CP_INTOPT(rekey_interval);
M_CP_INTOPT(log_level);
/* /*
* The bind_mask is a mode_t that may be unsigned, so we can't use * The bind_mask is a mode_t that may be unsigned, so we can't use
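Review bot: With `loglevel` moved to `SSHCFG_ALL`, a Match block can lower the level as well as raise it, and neither the table entry nor the `*activep` guard carries a comment saying so. A matched connection set to QUIET would drop authentication-failure messages that the global level kept, which matters to anyone relying on those logs for detection. The level also only takes effect where `log_change_level(options.log_level)` is called after match processing (the auth.c and monitor_wrap.c sections), so earlier messages on the connection presumably still use the global level. I would add above the guard `/* First matching LogLevel wins; a Match block may reduce logging for that connection. */`. process_server_config_line and copy_set_server_options both extend beyond these hunks.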


@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd_config.5,v 1.244 2017/05/07 23:12:57 djm Exp $ .\" $OpenBSD: sshd_config.5,v 1.245 2017/05/17 01:24:17 djm Exp $
.Dd $Mdocdate: May 7 2017 $ .Dd $Mdocdate: May 17 2017 $
.Dt SSHD_CONFIG 5 .Dt SSHD_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -1066,6 +1066,7 @@ Available keywords are
.Cm IPQoS , .Cm IPQoS ,
.Cm KbdInteractiveAuthentication , .Cm KbdInteractiveAuthentication ,
.Cm KerberosAuthentication , .Cm KerberosAuthentication ,
.Cm LogLevel ,
.Cm MaxAuthTries , .Cm MaxAuthTries ,
.Cm MaxSessions , .Cm MaxSessions ,
.Cm PasswordAuthentication , .Cm PasswordAuthentication ,